Hacker Tracker | June in Review

Where are we in the world of cybersecurity? It’s easy to miss the cybersecurity threats and attacks happening right in our “backyard.” Our goal at PK Tech is to educate and offer proactive steps for cybersecurity safety. It’s essential to be aware, without being afraid, of the cybersecurity threats that pose a real risk to your business. PK Tech aims to be a leading educator and support tool in the world of cybersecurity.

Check out our monthly “Hacker Tracker” for the latest in cybersecurity hacks, breaches, and updates…

#1 A major meat producer was hacked. Here’s what you need to know | 6.2.21

  • Hackers attacked the IT system of JBS USA (one of the world’s largest meat producers) last weekend, prompting shutdowns at company plants in North America and Australia.
  • The cyberattack resulted in the closure of all nine of the company’s US beef plants, which are located in states including Arizona, Texas, Nebraska, Colorado, Wisconsin, Utah, Michigan and Pennsylvania.
  • The White House has said that the ransomware attack was likely carried out by a Russia-based criminal organization. The U.S. government is dealing with Russia on the topic.
  • View the Source

#2 Electronic Arts, a video game maker, is the latest company to be hacked. | 6.10.21

  • Electronic Arts, the maker of popular video games including the FIFA, Madden, Sims and Medal of Honor series, said Thursday that it was investigating an intrusion into its network that resulted in game source code and tools being stolen.
  • The posts were reviewed by Intel 471, a cybercrime intelligence firm, which said the hackers were advertising about 800 gigabytes worth of data.
  • View the Source

#3 Peloton Bike+ Was Vulnerable to Remote Hacking, Researchers Find | 6.16.21

  • McAfee’s Advanced Threat Research team found a flaw that let hackers bypass Peloton’s boot verification process.
  • A hacker could use a USB key to upload a fake boot image file that grants them access to a bike remotely without a user ever knowing.
  • That hacker can then install and run programs, modify files, harvest login credentials, intercept encrypted internet traffic, or spy on users through the bike’s camera and microphone.
  • Peloton reportedly patched the issue on June 4 during the disclosure window, and there are no indications the vulnerability has been exploited in the wild.
  • View the Source

#4 Carnival Cruise hit by data breach, warns of data misuse risk | 6.17.21

  • Carnival Corporation, the world’s largest cruise ship operator, has disclosed a data breach after attackers gained access to some of its IT systems and the personal, financial, and health information belonging to customers, employees, and crew.
  • Unauthorized third-party access to a limited number of email accounts was detected on March 19, 2021.
  • Impacted information includes: data routinely collected during the guest experience and travel booking process or through the course of employment or providing services to the Company, including COVID or other safety testing; names, addresses, phone numbers, passport numbers, dates of birth, health information, and, in some limited instances, additional personal information like SS # or national identification numbers.
  • This marks the second attack on Carnival in the last two years, the previous one being in August 2020.
  • View the Source

Lessons Learned From This Month’s Hacks

  1. Ransomware is shutting down parts of U.S. infrastructure again. Don’t be surprised when new regulations regarding “critical infrastructure” come out to put some pressure on businesses to spend more on cybersecurity. Also, the FBI and DOJ are treating ransomware attacks with the same priority as terrorism. We hope the FBI/DOJ starts to make an impact in this free-for-all Russian hack fest.

    How could this have been prevented? Our guess is it started with a phishing attack that led to bad actors crawling through their network and taking advantage of vulnerable, unpatched software. Do phishing training and perform updates (managed updates) on an ongoing basis, people! Who knows? When companies keep the details private to save face, we all lose.

  2. Finally, a non-ransomware headline. Intellectual property (I.P.) theft and likely a follow-up extortion play. If your business’s I.P. (source code) is on internet-connected computers, shouldn’t securing your infrastructure be top of mind? Or is that an optional DLC EA opted not to buy? Again, details on these incidents generally are not released to the public, and we all lose. Lesson learned: many organizations only take cybersecurity seriously AFTER an attack.

    Don’t be penny-wise and pound-foolish. It’s cheaper BEFORE, and your reputation doesn’t take a hit (priceless?).

  3. “Smart” internet-connected devices like workout equipment and refrigerators are categorized as the Internet of Things (IoT). IoT scares cybersecurity professionals to death because of how little thought is put into securing these devices. Real example: S.C. Mom Says Baby Monitor Was Hacked. Lessons learned and general advice on IoT: assume the worst and think about what an IoT device could do if hacked. For example, a smart L.G. fridge can remotely be told to make ice faster, OK, not a significant threat. A baby monitor with swiveling camera and speaker/mic — threat. Go low tech until you find an explicitly (third-party tested) secure product OR mitigate your risk for the worst-case scenario.

  4. The kicker with Carnival Cruise is they’ve been hit by ransomware twice in one year. What will it take for them to take this seriously? It seems large organizations that are breached would rather pay for credit monitoring for those affected than attack the root cause(s). On the other hand, the massive cybersecurity talent pool deficit and COVID-19 effects on cruise ship revenue do not bode well. Lesson learned: Is it unfair that the U.S. government allows attacks (ransomware) by foreign actors (Russia) and that private companies have to fight over resources (cybersecurity professionals) to stay afloat? No, but until we see the results of the FBI/DOJ treating ransomware as terrorism, you need to factor the increased cost of cybersecurity into your pricing.

Reach out if you have questions here.